The bright side of Blaster

Friday, 15 August 2003, 11:43 AM EST

The Blaster worm has infected hundreds of thousands of Windows machines, shut down the Maryland state DMV, put network administrators on overtime, crashed countless consumer's home computers, and on Saturday it will attempt a denial-of-service attack on Microsoft's Windows Update site. But that doesn't make it all bad.

Blaster, also known as MSBlast and LovSan, hit the Internet on Monday, spreading through the RCP DCOM vulnerability discovered by the Polish security research group Last Stage of Delirium earlier this year. The worm is built on dcom.c, one of the public exploit programs that emerged to demonstrate and exercise the flaw in the days and weeks following Microsoft's July 16th advisory. According to data gathered by (SecurityFocus publisher) Symantec's DeepSight network of intrusion detection systems, by Thursday afternoon the worm had infected over 330,000 Windows XP and Windows 2000 machines.

As nasty as that is, security experts say it could have been much worse: the worm is hampered by clumsy construction, and it does not contain a malicious payload to damage victim's files. Moreover, in its reckless tear through cyberspace Blaster is accomplishing what a month of warnings from the security community, an unprecedented mass-e-mail campaign by Microsoft, and two advisories from the Department of Homeland Security all failed to do: it's forcing companies and consumers to install the patch for the serious RPC DCOM vulnerability, shutting down computer intruders who've had their pick of these systems for weeks.

[ Read more ]

Related items




Spotlight

The psychology of phishing

Posted on 23 July 2014.  |  Cybercriminals no longer send out thousands of emails at random hoping to get a handful of hits, today they create highly targeted phishing emails which are tailored to suit their recipients.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //